Technical Field
The subject matter described herein relates to visualizing data to facilitate identification and protection of sensitive data.
Description of Related Art
Modern day computer networks store numerous types of data, including sensitive data. Sensitive data contains information that could cause harm to individuals and businesses if compromised. Example types of sensitive data include health care records, financial data, and personal identification information. Because the consequences of exposing sensitive data are severe, network administrators apply one or more protection policies to the sensitive data as an additional layer of security beyond a database's standard protections.
Identifying sensitive data may be a challenge for a number of reasons. Within a computer network, databases store countless data records, which are incessantly modified, added, and deleted. To ensure that the locations of sensitive data are known, frequent scans may be used. However, frequent scans are not practical if the scans are computationally intensive, as a scan of each individual database record would be. Accordingly, computationally intensive scans the frequency of scans and the accuracy of the network administrator's sensitive data knowledge. Additionally, not all sensitive data records are of equal importance. A network administrator may not have time to examine every database in a network. When examining databases without prioritization, a network administrator may miss critical databases that present a high overall level of risk.
Furthermore, multiple databases may access sensitive data records. Protecting all copies of a data record may not be practical if the network administrator cannot directly apply protection policies to a database. For example, an external database controlled by another entity accesses a database containing sensitive data, to the network administrator cannot instruct the external database to apply the protection policy.